Data Security While Working Remotely

Cybercriminals are working overtime trying to exploit the Coronavirus and ‘work-from-home’
situations. As many College staff begin moving towards a temporary ‘work from home’
model, it is important to keep our existing information security practices in mind
and to adopt extra security measures. As you receive instruction and remote access
to the College network, please pay attention to the following best practices. ITS has providedinstructions for connecting to our terminal servers or your office workstation from home. If you utilize these services, pay special attention to the following:

If you checked out a laptop, treat this as you would personal technology; laptops
are a high-theft target. Any confidential College data stored on a stolen laptop
would be considered a data breach by the State of Oregon and the Department of Education.

Remote desktop allows you to access ‘My Documents’, N:\ drive, and other College data
just as if you were in the office. Save documents back to these locations as you
normally would.

Antivirus Software:

If not already installed, install an Antivirus (A/V) program and scan your computer
at home, (yes, this includes Macs also.). This will help to ensure the protection
of college data.

In addition to the above A/V, MalwareBytes free is an excellent second level of defense (you can install and use both MalwareBytes
and one of the free A/V options listed above.)

Never disable A/V, in fact many malware infections start with a user disabling their A/V per request
of the malware.

Secure Your Home Computer:

Install recommended Windows and iOS updates and security patches and reboot as required.
Updates are usually enabled by default, however it’s a good idea to double-check that
you’re up to date. Google will make this verification easy, or feel free to email
Wesley Dymond for more information.

Verify Mac Updates - link to verify the most current Mac OS security updates are applied.

Laptops (personal or College) are high-value targets for theft. As stated above,
ensure these are locked up at home safely and do not store any College information
on them (even if they belong to the College.)

Verify that your home computers and laptops auto-lock, and require a password to unlock.

If you share your computers with family members, log out of all College connections
before allowing others to use the technology. Also, kids are great at finding computer
viruses – see above regarding A/V.

Cloud Storage:

As always, do not store College confidential information on cloud storage services
such as DropBox or Google Drive. The security risks and liability to the college
are similar to storing College data on personal technology.

COCC Email on Phones:

If your phone is setup to connect to COCC’s email services then that device must be
secured as well.

Phones should require a passcode, swipe pattern, fingerprint, or face ID to unlock.

Phones must be set to auto-lock after 3-5 minutes of inactivity.

Enable any ‘find my phone’ type services available from your cell carrier or phone
manufacturer, and verify that you can locate your phone remotely.

These services also allow the ability to wipe the phone remotely in case of loss.

Failure to follow these steps could result in our College reporting a data breach
to the State of Oregon and the Dept. of Higher Ed.